Tokens

Learn the concept behind serving engine tokens

Definition

Tokens in a ML Serving project refer to encoded JWT tokens containing access rights information for querying or managing models in a namespace.

Tokens object contains 2 attributes :

  • The list of authorized roles
  • The target resource

Roles

There are 2 available roles :

  • model-management : Tokens containing this role are allowed to manage models (deploy, update, delete) targeted by the applying resource.
  • model-evaluation : Tokens containing this role are allowed to evaluate models (i.e call the model http endpoint) targeted by the authorized resource.

Applying resource

The resource attribute describes the resource (i.e. model identifiers) on which roles are applied (see the example below). You can provide an exact identifier that will match the resource id or a fuzzy string that ends with * to match multiple resources starting with the same prefix or a * to match all resources

Example

A token containing a role of model-evaluation with an applying resource of iris* will be allowed to request evaluation of each model whose identifier starts with iris inside its namespace.

Considerations

  • Each Token is created inside a namespace and is only relevant for that namespace.
  • Tokens have no expiration date but can be renewed. For security purpose it is important for users to understand that tokens should be regularly renewed to avoid compromised ones.

Going further


Did you find this guide useful?

Please feel free to give any suggestions in order to improve this documentation.

Whether your feedback is about images, content, or structure, please share it, so that we can improve it together.

Your support requests will not be processed via this form. To do this, please use the "Create a ticket" form.

Thank you. Your feedback has been received.


These guides might also interest you...

OVHcloud Community

Access your community space. Ask questions, search for information, post content, and interact with other OVHcloud Community members.

Discuss with the OVHcloud community